建立存取原則Create an Access Policy

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

您可以使用此主題中 IPAM client 主機建立存取原則。You can use this topic to create an access policy in the IPAM client console.

資格在系統管理員,或相當於,才能執行此程序最小值。Membership in Administrators, or equivalent, is the minimum required to perform this procedure.

注意

您可以在 Active Directory 中建立特定的使用者或群組使用者存取原則。You can create an access policy for a specific user or for a user group in Active Directory. 當您建立存取原則時,您必須選取建 IPAM 角色或建立自訂角色。When you create an access policy, you must select either a built-in IPAM role or a custom role that you have created. 適用於自訂角色詳細資訊,請查看進行存取控制建立使用者角色For more information on custom roles, see Create a User Role for Access Control.

若要建立存取原則To create an access policy

  1. 在伺服器管理員中,按一下IPAMIn Server Manager, click IPAM. 顯示 IPAM client 主機。The IPAM client console appears.

  2. 在瀏覽窗格中,按一下存取控制In the navigation pane, click ACCESS CONTROL. 較低的瀏覽窗格中,以滑鼠右鍵按一下存取原則,然後按新增存取原則In the lower navigation pane, right-click Access Policies, and then click Add Access Policy.

    新增存取原則

  3. 新增存取原則對話方塊。The Add Access Policy dialog box opens. 的使用者設定,按一下 [新增]In User Settings, click Add.

    新增存取原則

  4. 選取使用者或群組對話方塊。The Select User or Group dialog box opens. 按一下位置Click Locations.

    使用者或群組的位置

  5. 位置對話方塊。The Locations dialog box opens. 瀏覽至含有帳號位置,選取位置,然後按一下[確定]Browse to the location that contains the user account, select the location, and then click OK. 位置關閉對話方塊。The Locations dialog box closes.

    選取的位置

  6. 選取使用者或群組對話方塊中,在輸入物件名稱來選取 [,輸入您要建立存取原則的使用者 account 名稱。In the Select User or Group dialog box, in Enter the object name to select, type the user account name for which you want to create an access policy. 按一下[確定]Click OK.

  7. 新增存取原則,請在使用者設定使用者別名原則套用到帳號現在也包含。In Add Access Policy, in User Settings, User alias now contains the user account to which the policy applies. 存取設定,按一下 [新增]In Access Settings, click New.

    新增存取設定

  8. 新增存取原則存取設定變更為新的設定In Add Access Policy, Access Settings changes to New Setting.

    對話方塊中名稱變更為新的設定

  9. 按一下選擇角色,展開清單中的角色。Click Select role to expand the list of roles. 選取一個建的角色,或如果您已建立新的角色,選取其中一個您所建立的角色。Select one of the built-in roles or, if you have created new roles, select one of the roles that you created. 例如,如果您建立套用到使用者 IPAMSrv 的角色,按一下IPAMSrvFor example, if you created the IPAMSrv role to apply to the user, click IPAMSrv.

    ![選取 角色

  10. 按一下[新增設定Click Add Setting.

    新增新的設定

  11. 的角色被新增到存取原則。The role is added to the access policy. 建立其他存取原則,請按套用],然後針對您想要建立的每個原則重複這些步驟。To create additional access policies, click Apply, and then repeat these steps for each policy that you want to create. 如果您不想要建立額外的原則,請按一下[確定]If you do not want to create additional policies, click OK.

    按一下 [套用] 或 [確定]

  12. 確認 IPAM client 主機顯示窗格中,會建立新的存取原則。In the IPAM client console display pane, verify that the new access policy is created.

    檢視新存取原則

也了See Also

以角色為基礎存取控制Role-based Access Control
管理 IPAMManage IPAM